| Platform SDK: Active Directory, ADSI, and Directory Services |
The ldap_set_option function sets options on connection blocks. For more information on structures see Data Structures.
ULONG ldap_set_option( LDAP* ld, int option, void* invalue );
If the function succeeds, the return value is LDAP_SUCCESS.
If the function fails, it returns an error code. See Return Values for more information.
Call ldap_set_option to access the LDAP structure that represents an LDAP session. Do not attempt to modify the LDAP data structure directly.
See Session Options for a description of optional settings that apply to an LDAP session. For other related information and flags, see DsGetDcName.
It is now possible to digitally sign or encrypt all of your ldap traffic to and from a Windows 2000 LDAP server using the Kerberos authentication protocol. This new feature provides integrity and confidentiality required by some applications. Note that using secure sockets layer (SSL) will give you the same benefits, but requires painstaking certificate enrollments for the server and sometimes for the client.
To enable signing/sealing, you have to turn on one of the following options prior to calling ldap_bind_s with LDAP_AUTH_NEGOTIATE for the bind method.
#define LDAP_OPT_SIGN 0x95 #define LDAP_OPT_ENCRYPT 0x96
To turn off signing/sealing, you have to close the connection by calling ldap_unbind() on the connection handle.
Multithreading: Calls to ldap_set_option are not safe because it affects the connection as a whole. Use caution if threads share connections.
Windows NT/2000: Requires Windows NT 4.0 SP4 or later.
Windows 95/98: Requires Windows 95 or later. Available as a redistributable for Windows 95.
Header: Declared in Winldap.h.
Library: Use Wldap32.lib.
DsGetDcName, Functions, LDAP, ldap_get_option, Return Values